Security Release: Fix oc-id CSRF
A CSRF vulnerability was found in the oc-id service that ships with the Chef Server (specifically in the doorkeeper gem that is used by the oc-id service). This release updates the gem.
Chef Server 12.0.1 and Enterprise Chef Server 11.2.6 contain the fix. Open Source Chef Server 11 does not need the fix, as it does not ship with the oc-id service.